The two-day, instructor-led course provides a fundamental understanding of cybersecurity concepts including evolving threats, vulnerabilities, and mitigations within the context of the Maritime Transportation System (MTS). The course aims to prepare Coast Guard personnel with the working knowledge of cyber and physical security to be able to assess cyber risks as part of facility and vessel security inspections, as well as in their cyber incident response efforts.
Course Objectives
The objectives of this course are to:
- Provide an understanding of key cybersecurity concepts in a way that is accessible for a broad and diverse USCG participant group, not expert in cybersecurity. These key concepts include cyber risks, threats, vulnerabilities, and methods of risk mitigation.
- Enable the course participants to access and apply key resource material such as applicable regulations, guidelines and government and industry reports and alerts.
- Illustrate the applicability of these cyber threat concepts to the MTS and other US Critical Infrastructure through case studies of past exploits, and those currently evolving.
Audience
USCG personnel responsible for facility and vessel inspections as well as other USCG and partner entities. No prior cybersecurity or computer science experience/knowledge is required.
Modules
The course is comprised of the following modules.
- Module 1: Fundamental Cybersecurity Concepts as Applied to the MTS
- Module 2: Common Cyber Attacks, Advanced Persistent Threats, and Mitigations
- Module 3: Information Technology (IT), Operational Technology (OT) and their Vulnerabilities
- Module 4: Analyses of Key Cyber-Attacks
- Module 5: Risk Mitigations in IT/OT systems
- Module 6: Cyber-Physical Risk Assessment in Maritime Systems
- Module 7: GPS and AIS Operation; Spoofing and Jamming
- Module 8: Course Exercise and Summary
Learning Outcomes
Upon completing this professional development course, participants will be able to:
- Understand and apply basic cybersecurity concepts to the current and evolving cyber landscape, with focus on critical infrastructure and the MTS. These concepts include threats, vulnerabilities, mitigations, and risk management to both Information Technology (IT) and Operational Technology (OT).
- Keep abreast of evolving threats and their relevance, as documented by DHS, CISA, NIST, USCG and industry alerts.
- Effectively and knowledgably interact on cyber issues with peer organization with the USCG and industry counterparts such as Facility Security Officers (FSOs), Vessel Security Officers (VSOs), and their IT staffs. Examples would be assessing cybersecurity plans for completeness and compliance with Facility Security Assessment (FSA) and Facility Security Plans (FSP) requirements, participating in cyber readiness exercises (e.g., Tabletop Exercises) and contributing to incident reports.
Format/Delivery
The two-day course is held virtually via Microsoft Teams. Course participants will receive a certificate of completion and 1.3 continuing education units (CEUs).
Course Schedule
Fall 2024 Semester
- September 19–20, 2024*
- October 24–25, 2024*
Spring 2025 semester
- January 9–10, 2025*
- February 19–20, 2025*
- March 27–28, 2025*
- April 24–25, 2025*
* The course dates are for U.S. Coast Guard personnel only.
Non-Coast Guard personnel interested in the course should contact the Director for other course date opportunities. SF 182 and other forms of payment will be accepted.
Contact
Beth Austin-DeFares
University of Houston
Mobile: 973-809-6046
Email: bdefares [at] central.uh.edu (bdefares[at]central[dot]uh[dot]edu)